CVE-2022-36900

Jenkins Compuware zAdviser API Plugin 1.0.3 and earlier does not restrict execution of a controller/agent message to agents, allowing attackers able to control agent processes to retrieve Java system properties.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:jenkins:compuware_zadviser_api:*:*:*:*:*:jenkins:*:*
OR cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
cpe:2.3:a:jenkins:jenkins:*:*:*:*:-:*:*:*

Information

Published : 2022-07-27 08:15

Updated : 2022-08-03 16:50


NVD link : CVE-2022-36900

Mitre link : CVE-2022-36900


JSON object : View

CWE
CWE-693

Protection Mechanism Failure

Advertisement

dedicated server usa

Products Affected

jenkins

  • compuware_zadviser_api
  • jenkins